Tech Industry

Security specification gets OK'd

Standards group the Organization for the Advancement of Structured Information Standards (OASIS) announced Tuesday that it has ratified the Extensible Access Control Markup Language (XACML) as a standard, paving the way for its use in security products.

XACML is a specification that lets companies define security policies around Web services applications. With XACML-based security products, companies can spell out information access privileges for people. XACML is designed to work with another OASIS standard, Security Assertion Markup Language (SAML), which defines a common method for sharing authorization information between different security systems. The XACML specification was developed by Entrust, IBM, OpenNetwork, Quadrasis, Sterling Commerce, Sun Microsystems and other participants in OASIS.